Ethical Hacking Degrees – the good, the bad, the ugly – ethicalhack3r.co.uk
Ethical Hacking or Information Security or Computer Security or Network Security… are all included within titles of university level undergraduate degrees within the UK. No matter what they title their courses or whether or not you agree with the use of certain terms within their titles is irrelevant as they are all attempting to teach the same things.

FISMApedia – fismapedia.org
FISMApedia is a collection of documents and discussions focused on Federal IT security. This site is a database of current guidance, laws and directives on how the Federal government secures its IT assets.

Spooftooph: The Bluetooth Spoofer – sourceforge.net/projects/spooftooph/
Spooftooph is designed to automate spoofing or cloning Bluetooth device information. Make a Bluetooth device hide in plain sight.

sqlmap 0.9 – sourceforge.net/projects/sqlmap/
sqlmap is an open source penetration testing tool that automates the process of detecting and exploiting SQL injection flaws and taking over of database servers.

hackxor – hackxor.sourceforge.net
Hackxor is a webapp hacking game where players must locate and exploit vulnerabilities to progress through the story. Think WebGoat but with a plot and a focus on realism & difficulty. Contains XSS, CSRF, SQLi, ReDoS, DOR, command injection, etc.

SVN Digger – Better Wordlists for Forced Browsing – mavitunasecurity.com
DirBuster ships with several wordlists; these wordlists were generated via one big crawler which visited tons of websites, collected links and created the most common directory / file names on the Internet.

Patriot NG – security-projects.com
Patriot is a ‘Host IDS’ tool which allows real time monitoring of changes in Windows systems or Network attacks.

CVE Checker 3.1 – cvechecker.sourceforge.net
cvechecker reports about possible vulnerabilities on your system by scanning the installed software and matching the results with the CVE database.

Microsoft Pushes Out Two New Security Tools – threatpost.com
In parallel with its release of 17 bulletins on Patch Tuesday this month, Microsoft also unveiled two new tools that are meant to help make a couple of common exploitation scenarios more difficult for attackers.

BodgeIt Store – code.google.com/p/bodgeit/
The BodgeIt Store is a vulnerable web application which is currently aimed at people who are new to penetration testing.

Qubes OS – qubes-os.org
Qubes is an open source operating system designed to provide strong security for desktop computing. Qubes is based on Xen, X Window System, and Linux, and can run most Linux applications and utilize most of the Linux drivers. In the future it might also run Windows apps.

McAfee ShareScan – mcafee.com
ShareScan is a free utility that enables IT security personnel to identify open Windows file shares available on the internal network. This tool can help administrators identify systems that have wide open permissions or no permissions — potential vulnerabilities that should be remediated.

md5deep version 3.8 – jessekornblum.livejournal.com
This version adds two new features. First, you can now use a file to indicate the input files to process. For example, you can make a file, foo.txt.

MS10-070: Padding Oracle applied to .NET framework – bernardodamele.blogspot.com
I followed the research closely and way before vulnerability scanners like Nessus could detect the security vulnerability on .NET applications anonymously and remotely, I coded a small script to test for the flaw based on Juliano Rizzo’s details. You might still find it useful, so I thought about publishing it on GitHub.

IEZoneAnalyzer v3 – technet.com
IEZoneAnalyzer is a utility for viewing and comparing Internet Explorer security zone settings. It is particularly valuable on systems controlled through Group Policy, on which the standard security settings dialog does not allow viewing of settings.

Parsing CDP Packets With Scapy – darkoperator.com
In this blog post I will cover how to use one of the new parsers to parse CDP packets included in version 2.2 of scapy. Cisco Discovery Protocol (CDP) is a proprietary Layer 2 Data Link Layer network protocol used to share device information with devices connected on the same subnet.

BackTrack 5 on a Motorola Xoom – offensive-security.com
In the past few days we have been toying with some Motorola hardware, and have managed to get a basic build of BackTrack 5 (+ toolchain) on a Motorola Xoom.

Execute Metasploit payloads bypassing any anti-virus – bernardodamele.blogspot.com
Most of the shellcode launchers out there, including proof of concepts part of many security books, detail how to allocate a memory page as readable/writable/executable on POSIX systems, copy over your shellcode and execute it. This works just fine. However, it is limited to POSIX, does not necessarily consider 64-bit architecture and Windows systems.

Pulling and finding APKs without root on Android – intrepidusgroup.com
Since we’re not root, we can’t list the /data/app directory to locate the name of the APK file we want to pull. There’s a few ways you can tackle finding the name of the APK file, but what I find is the quickest way for me is to pull the packages.xml file.

Reverse connection: ICMP shell – bernardodamele.blogspot.com
Allowing traffic only onto known machines, ports and services (ingress filtering) and setting strong egress access control lists is one of these cases. In such scenarios when you have owned a machine part of the internal network or the DMZ (e.g. in a Citrix breakout engagement or similar), it is not always trivial to get a reverse shell over TCP, not to consider a bind shell.

KB2506014 kills TDL4 on x64 – eset.com
Not so long ago, Microsoft released a security patch addressing the way Windows x64 operating systems check integrity of the loaded modules. In our recent report (The Evolution of TDL4: Conquering x64) we described a method used by the TDL4 bootkit to load its malicious unsigned driver on 64-bit systems, even though those systems have an enforced kernel-mode code signing policy.

Uh Ah! I Happened To Use POP ESP – ragestorm.net
I had to call a C++ function from my Assembly code and keep the return value untouched so the caller will get it. Usually return values are passed on EAX, in x86 that is. But that’s not the whole truth, they might be passed on EDX:EAX, if you want to return 64 bits integer, for instance.

More certs may indicate less security – rdist.root.org
If a website has multiple servers with different certs, the browser may often generate spurious errors for that site. But could this be a symptom of a genuine security problem?

Filejacking: How to make a file server from your browser (with HTML5 of course) – r00tsec.blogspot.com
How can a website access user’s files? Traditionally, the user has to upload the file. Users commonly share photos, videos, upload their files for online conversion tools etc. You could (theoretically) be tricked into uploading a sensitive file into a malicious website (“please submit your private key for checking its strength”), but, seriously, who falls for that?

Proxmark3/RFID Goodness – zonbi.org
There are two “types” of RFID in common use. High frequency runs at the 13.56MHz range. The MiFare stuff is in this range, although it’s slightly different to the ISO14443 A and B standard used in the CSC stuff floating around ie. $train card.

Payload bypass AV. with encoding – r00tsec.blogspot.com
This script and the relevant project files (Makefile and Visual Studio files) allow you to compile the tool once then run your shellcode across different architectures and operating systems.

Vulnerabilities:

Another day, another Flash 0-day attack
Hackers are embedding malicious Flash Player files in Microsoft Word documents to launch targeted attacks against select businesses, according to a warning from Adobe.

MSRT April ‘11: Win32/Afcore – technet.com
Win32/Afcore comprises two components, a dropper and installed malware that runs as a backdoor. The backdoor component is injected into running processes and connects to a remote server to retrieve commands that are executed on the affected system. Commands could include instructions to steal passwords, attack other computers and so on.

Vendor/Software Patches:

Patch Tuesday!
Microsoft has released its April Patch Tuesday fixes, a large group of patches that includes updates for several critical holes in Internet Explorer as well as a patch that finally fixes the SMB client bug that was disclosed publicly in February.

ATM Skimmers: Hacking the Cash Machine – krebsonsecurity.com
Most of the ATM skimmers I’ve profiled in this blog are comprised of parts designed to mimic and to fit on top of existing cash machine components, such as card acceptance slots or PIN pads. But sometimes, skimmer thieves find success by swapping out ATM parts with compromised look-alikes.

SSL Issues: Solutions, Opinions and News
What lies ahead for SSL? The recent Comodo hack taught us that what we thought was a robust security protocol is nothing but a house of cards.

How Phishers Will Use Epsilon Data Against You – threatpost.com
There has been a lot of online venting and hand-wringing in the week since customers of email services provider Epsilon began informing millions of individuals in North America and Europe that their name and e-mail address had been stolen in a massive data breach.

Milw0rm and inj3ct0r Merge Into 1337day.com – greyhat-security.com
Less than an hour ago, a message was sent out via the Milw0rm.com Facebook group, announcing both a merger for milw0rm.com and inj3ct0r.com, and simultaneously, a move for inj3ct0r.com into a new domain, 1337day.com.

DOJ gets court permission to attack botnet – itworld.com
The U.S. Department of Justice and U.S. Federal Bureau of Investigation have obtained a temporary restraining order allowing them to disrupt a computer virus that created an international botnet controlling more than 2.3 million computers as of early 2010, the DOJ announced Wednesday.
